3851 matches found
InfraPower PPS-02-S Q213V1 - Authentication Bypass
InfraPower PPS-02-S Q213V1 Authentication Bypass Vulnerability Vendor: Austin Hughes Electronics Ltd. Product web page: http://www.austin-hughes.com Affected version: Q213V1 Firmware: V2395S Fixed version: Q216V3 Firmware: IPD-02-FW-v03 Summary: InfraPower Manager PPS-02-S is a FREE built-in GUI ...
InfraPower PPS-02-S Q213V1 Local File Disclosure Vulnerability
Summary InfraPower Manager PPS-02-S is a FREE built-in GUI of each IP dongle IPD-02-S only to remotely monitor the connected PDUs. Patented IP Dongle provides IP remote access to the PDUs by a true network IP address chain. Only 1xIP dongle allows access to max. 16 PDUs in daisy chain - which is ...
InfraPower PPS-02-S Q213V1 Cross-Site Request Forgery
Summary InfraPower Manager PPS-02-S is a FREE built-in GUI of each IP dongle IPD-02-S only to remotely monitor the connected PDUs. Patented IP Dongle provides IP remote access to the PDUs by a true network IP address chain. Only 1xIP dongle allows access to max. 16 PDUs in daisy chain - which is ...
InfraPower PPS-02-S Q213V1 Authentication Bypass Vulnerability
Summary InfraPower Manager PPS-02-S is a FREE built-in GUI of each IP dongle IPD-02-S only to remotely monitor the connected PDUs. Patented IP Dongle provides IP remote access to the PDUs by a true network IP address chain. Only 1xIP dongle allows access to max. 16 PDUs in daisy chain - which is ...
Delta Electronics WPLSoft, ISPSoft, and PMSoft Vulnerabilities
OVERVIEW Researchers axt and Ariele Caltabiano each working with Trend Micro's Zero Day Initiative ZDI have identified vulnerabilities in Delta Electronics’ WPLSoft, ISPSoft, and PMSoft software applications. Delta Electronics has produced new software versions to mitigate these vulnerabilities...
The vulnerability of the Android operating system, which allows a hacker to increase their privileges
The vulnerability of the initial Android operating system loader from LG Electronics is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to enhance their privileges by gaining access to privileged processes...
CVE-2016-3851
The LG Electronics bootloader Android before 2016-08-05 on Nexus 5X devices allows attackers to gain privileges by leveraging access to a privileged process, aka internal bug 29189941...
CVE-2016-3851
The LG Electronics bootloader Android before 2016-08-05 on Nexus 5X devices allows attackers to gain privileges by leveraging access to a privileged process, aka internal bug 29189941...
CVE-2016-3851
CVE-2016-3851 concerns an elevation-of-privilege issue in the LG Electronics bootloader on Nexus 5X devices. The vulnerability arises when a compromised privileged process can be leveraged to gain higher privileges within the system. Public details confirm this is a local escalation risk affectin...
CVE-2016-5671
Multiple cross-site request forgery CSRF vulnerabilities on Crestron Electronics DM-TXRX-100-STR devices with firmware through 1.3039.00040 allow remote attackers to hijack the authentication of arbitrary users...
CVE-2016-5670
Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 have a hardcoded password of admin for the admin account, which makes it easier for remote attackers to obtain access via the web management interface...
CVE-2016-5669
Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 use a hardcoded 0xb9eed4d955a59eb3 X.509 certificate from an OpenSSL Test Certification Authority, which makes it easier for remote attackers to conduct man-in-the-middle attacks against HTTPS sessions by leveraging th...
CVE-2016-5668
Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 allow remote attackers to bypass authentication and change settings via a JSON API call...
CVE-2016-5667
Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 allow remote attackers to bypass authentication via a direct request to a page other than index.html...
CVE-2016-5666
Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 rely on the client to perform authentication, which allows remote attackers to obtain access by setting the value of objresp.authenabled to 1...
Hardcoded credentials
Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 have a hardcoded password of admin for the admin account, which makes it easier for remote attackers to obtain access via the web management interface...
Authentication flaw
Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 allow remote attackers to bypass authentication via a direct request to a page other than index.html...
Authentication flaw
Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 rely on the client to perform authentication, which allows remote attackers to obtain access by setting the value of objresp.authenabled to 1...
Authentication flaw
Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 allow remote attackers to bypass authentication and change settings via a JSON API call...
Hardcoded credentials
Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 use a hardcoded 0xb9eed4d955a59eb3 X.509 certificate from an OpenSSL Test Certification Authority, which makes it easier for remote attackers to conduct man-in-the-middle attacks against HTTPS sessions by leveraging th...